Getting Protected Content Working

I have just installed the latest version of MODx today and am kicking the tires.

I want to create a "members" section of my web site that folks can access with a shared userid/password. I’ve created a user (northside), a group (Members), a document group (Members), and have linked the user and document group.

I have created a folder and a sub-document which are both accessible by that group. After I emptied the cache the page no longer appears in the site listing.

Now I want to login so I can see that page. I tried adding the [[WebLogin]] snippet to a page and logging in. I don’t get any response, positive or negative, when I attempt to login. I also tried using the {{WebLoginSidebar}} chunk with the same results.

The docs don’t help connect the dots. What do I need to do to get the whole loop working?

Which user are we talking about in here? Is it manager or web user? They are both different, so I believe the weblogin snippet is for web user.

I’m talking about web users. I want to validate that I can create a folder of protected content "e.g. members only" in my site that isn’t accessible to an anonymous users on the site.

Most likely, the weblogin page is cached. Any forms that submit data in MODx cannot be cached. Success?

Quote from: rthrash at Jan 13, 2006, 02:29 PM

Most likely, the weblogin page is cached. Any forms that submit data in MODx cannot be cached. Success?

This did the trick for me!

Thanks for your help.

I think ModX is great, has great potential!

Yes. The real trick was understanding that I 1) need to create a login/logout page that includes the [[WebLogin]] snippet and 2) that I need to supply an argument to the snippet that redirects users to a starting point for protected content.

Is there any way to get more feedback to the user with [[WebLogin]]? If I type an incorrect password I just get a login form and I can imagine this to be somewhat confusing.

This would be something good to describe in a bit more detail in the docs.

I’m curious if you can use Apache-based directory protections if you’re using URL rewriting and friendly alias path (e.g. require valid password for /members)? I tried it a couple of different ways, but no dice so far, but I’m testing this on a subdomain using Plesk as my site control panel and Plesk doesn’t treat subdomains the same way. I tried editing the configs by hand, but I’m not sure its actually taking effect.

Quote from: briansp at Jan 13, 2006, 03:09 PM

I’m curious if you can use Apache-based directory protections if you’re using URL rewriting and friendly alias path (e.g. require valid password for /members)? I tried it a couple of different ways, but no dice so far, but I’m testing this on a subdomain using Plesk as my site control panel and Plesk doesn’t treat subdomains the same way. I tried editing the configs by hand, but I’m not sure its actually taking effect.

I don’t think it work though, because I’m assuming that it will required the real directory to be there. Which in the friendly alias path, there is no real directory it’s just a request made, and the htaccess translate it to index.php, if it couldn’t fint eh that the real file or directory is exist.

It’s just my assumption, let see the response from the other members.

Regards,

Quote from: briansp at Jan 13, 2006, 03:09 PM

Is there any way to get more feedback to the user with [[WebLogin]]? If I type an incorrect password I just get a login form and I can imagine this to be somewhat confusing.

I think that this is a bug in version 0.9.1. You should get an alert box with an error message. It worked in 0.9.0.

I have logged a bug report regarding this